portfolio
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and executes the 'fibx' package from the NPM registry using npx at runtime.
- [REMOTE_CODE_EXECUTION]: Execution of remote code occurs via the npx command, which retrieves the latest package version during tool invocation.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run CLI commands. The inclusion of a wildcard in the command definition allows for arbitrary arguments to be passed to the tool.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. (1) Ingestion points: The agent ingests output from the portfolio CLI, which contains data from external blockchain sources. (2) Boundary markers: No delimiters are used to separate tool output from instructions. (3) Capability inventory: The agent has Bash execution permissions. (4) Sanitization: Output from the tool is not sanitized before being processed by the agent.
Audit Metadata